Information Privacy Engineering and Privacy by Design: Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices

The Comprehensive Guide to Engineering and Implementing Privacy Best PracticesAs systems grow more complex and cybersecurity attacks more relentless, safeguarding privacy is ever more challenging. Organizations are increasingly responding in two ways, and both are mandated by key standards such as GDPR and ISO/IEC 27701:2019. The first approach, privacy by design, aims to embed privacy throughout the design and architecture of IT systems and business practices. The second, privacy engineering, encompasses the technical capabilities and management processes needed to implement, deploy, and operate privacy features and controls in working systems.In Information Privacy Engineering and Privacy by Design, internationally renowned IT consultant and author William Stallings brings together the comprehensive knowledge privacy executives and engineers need to apply both approaches. Using the techniques he presents, IT leaders and technical professionals can systematically anticipate and respond to a wide spectrum of privacy requirements, threats, and vulnerabilities–addressing regulations, contractual commitments, organizational policies, and the expectations of their key stakeholders.• Review privacy-related essentials of information security and cryptography• Understand the concepts of privacy by design and privacy engineering• Use modern system access controls and security countermeasures to partially satisfy privacy requirements• Enforce database privacy via anonymization and de-identification• Prevent data losses and breaches• Address privacy issues related to cloud computing and IoT• Establish effective information privacy management, from governance and culture to audits and impact assessment• Respond to key privacy rules including GDPR, U.S. federal law, and the California Consumer Privacy ActThis guide will be an indispensable resource for anyone with privacy responsibilities in any organization, and for all students studying the privacy aspects of cybersecurity.

Dr. William Stallings has authored 18 textbooks and over 70 books on computer security, computer networking, and computer architecture. With over 30 years’ experience in the field, he has worked as a technical contributor, technical manager, and an executive at several high-technology firms. Currently, he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions. He has received the award for the best computer science textbook of the year thirteen times from the Text and Academic Authors Association. Dr. Stallings created and maintains the Computer Science Student Resource Site at ComputerScienceStudent.com. This site provides documents and links on a variety of subjects of general interest to computer science students and professionals. He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology. He holds a Ph.D. from MIT in computer science and a B.S. from Notre Dame in electrical engineering.

Part I: Planning for Privacy 1. Information Privacy Concepts 2. Security Governance and Management 3. Risk Assessment Part II: Privacy Threats 4. Information Storage and Processing 5. Information Collection and Dissemination 6. Intrusion and Interference Part III: Information Privacy Technology 7. Basic Privacy Controls 8. Privacy Enhancing Technology 9. Data Loss Prevention 10. Online Privacy 11. Detection of Conflicts In Security Policies 12. Privacy Evaluation Part IV: Information Privacy Regulations 13. GDPR 14. U.S. Privacy Laws and Regulations